474172261 / DataProtector
A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles the events in user mode.
☆27 Updated 6 years ago
Related projects
Alternatives and complementary repositories for DataProtector
- ☆27 Updated 3 years ago
- ☆32 Updated 4 years ago
- ☆12 Updated 7 years ago
- Windows Console Monitor ☆32 Updated 5 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg. ☆22 Updated 7 years ago
- Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l… ☆21 Updated 10 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it ☆28 Updated 6 years ago
- Ssdt Hook Detection tool ☆12 Updated 8 years ago
- Some eternal WIP stuff :) ☆15 Updated 4 months ago
- x64 Kernel Hooks Detection ☆24 Updated 7 years ago
- Open Source Libraries Collection ☆24 Updated 8 years ago
- a network filter using NDIS hook technique ☆19 Updated 11 years ago
- A tool to investigate the Windows device manager ☆14 Updated 5 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory. ☆19 Updated last year
- use crystalCPUID to identify vt-x & amd-v ☆16 Updated 9 years ago
- Wow64 syscall hook ☆40 Updated 7 years ago
- Static Library For Windows Drivers ☆30 Updated this week
- copy of tdifw lib ☆10 Updated 7 years ago
- Analysing and defeating PatchGuard universally ☆34 Updated 4 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK) ☆9 Updated last year
- Remote memory library in C++17. ☆30 Updated 6 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆24 Updated 5 years ago
- Various WinDbg extensions and scripts ☆31 Updated 6 years ago
- Kernel (Ring0) - SSDT unhook driver ☆13 Updated 6 years ago
- Bypass HackShield several specific SSDT hook in Ring0 ☆22 Updated 9 years ago
- just a lite AntiRootkit for interesting ☆23 Updated 8 years ago